Im surprised that there isnt just some kind of API that inspects files and says "not legal"/"legal" for website operators to use. Then they can just refuse to traffic said files if illegal. It could be as simple as testing a file hash like VirusTotal and making a judgement call. Then if someone wants to traffic in illegal content they'll at least have to resort to crypto.